GHSA-9G2J-5685-H44H Apache Ambari SSRF Vulnerability

Server-side request forgery SSRF vulnerability in the proxy endpoint api/v1/proxy in Apache Ambari before 2.1.0 allows remote authenticated users to conduct port scans and access unsecured services via a crafted REST call...

Apache Ambari SSRF Vulnerability

Server-side request forgery SSRF vulnerability in the proxy endpoint api/v1/proxy in Apache Ambari before 2.1.0 allows remote authenticated users to conduct port scans and access unsecured services via a crafted REST call...

Rapid7 Measures Internet's Unsecured Services

A recent Internet scan threw a bucket of cold water on the notion that wonky, unsecured services have been significantly reduced from the Internet. “Today’s Internet in 2016 looks like the 1996 Internet, which is a little depressing,” said Rapid7 security research manager Tod Beardsley. Beardsley...

CVE-2015-1775

Server-side request forgery SSRF vulnerability in the proxy endpoint api/v1/proxy in Apache Ambari before 2.1.0 allows remote authenticated users to conduct port scans and access unsecured services via a crafted REST call...

Server side request forgery (ssrf)

Server-side request forgery SSRF vulnerability in the proxy endpoint api/v1/proxy in Apache Ambari before 2.1.0 allows remote authenticated users to conduct port scans and access unsecured services via a crafted REST call...

CVE-2015-1775

Apache Ambari (1.5.0–2.0.2) is vulnerable to SSRF via the proxy endpoint api/v1/proxy. The issue allows remote authenticated users to perform port scans and access unsecured services through a crafted REST call, due to improper validation in the proxy handling. Impact details in multiple sources ...